Once the vulnerabilities are discovered it is very important to act on it!
This can be do by schedule the right people to do the patching, reconfiguration on the right systems.
Then follow up that the fixed got applied by doing new scans.

It also allows to see the history of earlier scans and compared month by month that the security level get higher.

It is possible to easily go back and see the past vulnerabilities and assure the management that they got resolved
by doing audits.

Another important vulnerability scanning ability is to find unknown to database special made scripts.
This is done by crawling a site like a search engine for example Google, and discover scripts that are linked to.
This can be scripts the organization employees or web agency have made them self.

There is a big chance of scripts being made by employees or web agencies to have security vulnerabilities.

Simple because the fact that typically the people writing those scripts are not security experts and only focus on to resolve
the given problem.